# Maintainer: Felix Yan <felixonmars@archlinux.org>
# Contributor: Stéphane Gaudreault <stephane@archlinux.org>
# Contributor: Allan McRae <allan@archlinux.org>
# Contributor: Jason Chu <jason@archlinux.org>

pkgname=python2
pkgver=2.7.18
pkgrel=4
_pybasever=2.7
pkgdesc="A high-level scripting language"
arch=('x86_64')
license=('PSF')
url="https://www.python.org/"
depends=('bzip2' 'expat' 'gdbm' 'libffi' 'libnsl' 'libxcrypt' 'openssl' 'sqlite' 'zlib')
makedepends=('tk' 'bluez-libs')
checkdepends=('gdb' 'file' 'xorg-server-xvfb')
optdepends=('tk: for IDLE'
            'python2-setuptools'
            'python2-pip')
conflicts=('python<3')
_gentoo_patches="python-gentoo-patches-${pkgver}_p7"
source=("https://www.python.org/ftp/python/${pkgver%rc?}/Python-${pkgver}.tar.xz"{,.asc}
        mtime-workaround.patch
        "https://dev.gentoo.org/~mgorny/dist/python/$_gentoo_patches.tar.xz"
        py2-ize-the-CJK-codec-test.patch)
sha512sums=('a7bb62b51f48ff0b6df0b18f5b0312a523e3110f49c3237936bfe56ed0e26838c0274ff5401bda6fc21bf24337477ccac49e8026c5d651e4b4cafb5eb5086f6c'
            'SKIP'
            '4e761cfd57791e8b72ecdf84c2e03875bf074311130eea5b8e97409fa304fa3468dbd359a511c4e9978e686e662c58054b4174d3e73f845fa9ded2e83a3a8076'
            'a3cd34f38a717183d9a8d6b91817a6ac989fb8ae4275f35cba4be810813a4c9c45f4e72d16aee33904eddaee77c4719b516392d629d2c4627c840e4ecc6bc121'
            '67fb8116825f646cbe0f12d9ffb68c2e2006e98721c80c674738315160c0dfdb5f200b8d3229f85dbac2510ba436b0f701e44542ce4494cdd191cd1b8ca0bf0f')
validpgpkeys=('C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF')  # Benjamin Peterson
noextract=("$_gentoo_patches.tar.xz")

prepare() {
  bsdtar -xf $_gentoo_patches.tar.xz -s /$_gentoo_patches//

  cd Python-${pkgver}

  # makepkg will touch all files to $SOURCE_DATE_EPOCH which will break pyc file's mtime check.
  # workaround this by touching them to $SOURCE_DATE_EPOCH before running compileall.
  patch -p0 -i ../mtime-workaround.patch

  patch -p1 -i ../0001-bpo-39017-Avoid-infinite-loop-in-the-tarfile-module-.patch #CVE-2019-20907
  patch -p1 -i ../0002-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch #CVE-2020-8492
  patch -p1 -i ../0003-bpo-39603-Prevent-header-injection-in-http-methods-G.patch #CVE-2020-26116
  patch -p1 -i ../0004-bpo-42051-Reject-XML-entity-declarations-in-plist-fi.patch
  patch -p1 -i ../0005-bpo-41944-No-longer-call-eval-on-content-received-vi.patch #CVE-2020-27619
  patch -p1 -i ../0006-bpo-40791-Make-compare_digest-more-constant-time.-GH.patch
  patch -p1 -i ../0007-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch #CVE-2021-3177
  patch -p1 -i ../0024-3.6-bpo-42967-only-use-as-a-query-string-separator-G.patch #CVE-2021-23336
  patch -p1 -i ../py2-ize-the-CJK-codec-test.patch

  # Temporary workaround for FS#22322
  # See http://bugs.python.org/issue10835 for upstream report
  sed -i "/progname =/s/python/python${_pybasever}/" Python/pythonrun.c

  # Enable built-in SQLite module to load extensions (fix FS#22122)
  sed -i "/SQLITE_OMIT_LOAD_EXTENSION/d" setup.py

  # FS#23997
  sed -i -e "s|^#.* /usr/local/bin/python|#!/usr/bin/python2|" Lib/cgi.py

  sed -i "s/python2.3/python2/g" Lib/distutils/tests/test_build_scripts.py \
    Lib/distutils/tests/test_install_scripts.py

  # Ensure that we are using the system copy of various libraries (expat, zlib and libffi),
  # rather than copies shipped in the tarball
  rm -r Modules/expat
  rm -r Modules/zlib
  rm -r Modules/_ctypes/{darwin,libffi}*

  # clean up #!s
  find . -name '*.py' | \
    xargs sed -i "s|#[ ]*![ ]*/usr/bin/env python$|#!/usr/bin/env python2|"

  # Workaround asdl_c.py/makeopcodetargets.py errors after we touched the shebangs
  touch Include/Python-ast.h Python/Python-ast.c Python/opcode_targets.h
}

build() {
  cd "${srcdir}/Python-${pkgver}"

  export OPT="${CFLAGS}"
  ./configure --prefix=/usr \
              --enable-shared \
              --with-threads \
              --enable-optimizations \
              --with-lto \
              --enable-ipv6 \
              --enable-unicode=ucs4 \
              --with-system-expat \
              --with-system-ffi \
              --with-dbmliborder=gdbm:ndbm \
              --without-ensurepip

  make
}

check() {
  # Since 2.7.14 with latest xvfb
  # test_idle, test_tk, test_ttk_guionly: segfaults
  # Since 2.7.15: test_ctypes
  # test_ftplib test_imaplib test_urllib2_localnet: krb5 errors
  # test_codecmaps_jp: TODO

  cd Python-${pkgver}
  LD_LIBRARY_PATH="${srcdir}/Python-${pkgver}":${LD_LIBRARY_PATH} \
    xvfb-run "${srcdir}/Python-${pkgver}/python" -m test.regrtest -v -uall -x test_idle test_tk test_ttk_guionly test_ctypes test_ssl test_ftplib test_imaplib test_urllib2_localnet test_codecmaps_jp
}

package() {
  cd Python-${pkgver}

  # Hack to avoid building again
  sed -i 's/^all:.*$/all: build_all/' Makefile

  make DESTDIR="${pkgdir}" altinstall maninstall

  rm "${pkgdir}"/usr/share/man/man1/python.1

  ln -sf python${_pybasever}        "${pkgdir}"/usr/bin/python2
  ln -sf python${_pybasever}-config "${pkgdir}"/usr/bin/python2-config
  ln -sf python${_pybasever}.1      "${pkgdir}"/usr/share/man/man1/python2.1

  # FS#33954
  ln -sf python-${_pybasever}.pc    "${pkgdir}"/usr/lib/pkgconfig/python2.pc

  ln -sf ../../libpython${_pybasever}.so "${pkgdir}"/usr/lib/python${_pybasever}/config/libpython${_pybasever}.so

  mv "${pkgdir}"/usr/bin/smtpd.py "${pkgdir}"/usr/lib/python${_pybasever}/

  # some useful "stuff"
  install -dm755 "${pkgdir}"/usr/lib/python${_pybasever}/Tools/{i18n,scripts}
  install -m755 Tools/i18n/{msgfmt,pygettext}.py "${pkgdir}"/usr/lib/python${_pybasever}/Tools/i18n/
  install -m755 Tools/scripts/{README,*py} "${pkgdir}"/usr/lib/python${_pybasever}/Tools/scripts/

  # fix conflicts with python
  mv "${pkgdir}"/usr/bin/idle{,2}
  mv "${pkgdir}"/usr/bin/pydoc{,2}
  mv "${pkgdir}"/usr/bin/2to3{,-2.7}

  # clean-up reference to build directory
  sed -i "s#${srcdir}/Python-${pkgver}:##" "${pkgdir}"/usr/lib/python${_pybasever}/config/Makefile

  # license
  install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/${pkgname}/LICENSE
}
